CVE-2010-2656

by Fred · 07/07/2010

The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly other versions before 4.7 and 5.0, stores sensitive information under the web root with insufficient access control, which allows remote attackers to download (1) logs or (2) core files via direct requests, as demonstrated by a request for private/sdc.tgz.

Date published : 2010-07-07

http://www.securityfocus.com/bid/41383

http://www.exploit-db.com/exploits/14237/

CVE-2010-2656

Similar

Recent Posts

Categories

CVE-2010-2656

Share this:

Similar

Recent Posts

Categories

Tags